Something to look forward to: Multi-factor authentication and two-factor authentication are increasingly common login methods for websites and internet services. Spotify still doesn’t provide an official way to use MFA or 2FA for all customers, but this is expected to change in the future.
According to screenshots shared on Reddit, some users have recently started receiving new 2FA authentication requests from Spotify. This could be a significant change for a company that has yet to implement a general MFA or 2FA authentication method.
The Swedish streaming company has sent security codes via email to an unspecified number of users, asking them to enter the code to complete the login process. There is no official word about the change yet. So far, Spotify has offered a two-step verification method only to creators, adding an extra layer of security to the Spotify for Artists program.
Two-factor authentication improves security, but it can also be exploited as an additional method to verify how users are actually trying to access the service. Spotify recently increased prices for all its premium plans, adding a new $10.99 Basic plan for ad-free streaming in the US. However, the Basic plan does not provide access to audiobooks.
Some users didn’t like the price hike and started to employ alternative methods to stream their favorite music, such as using leaked credentials or third-party apps. Enabling 2FA for all users would likely give Spotify an easy way to bring rebellious, ad-hating users back in line, but it would also cut access to unofficial apps and login methods.
As the Reddit API controversy clearly shows, turning a significant portion of your user base into a sworn enemy isn’t exactly the most effective way to do business on the internet. People commenting on Spotify threads on Reddit are apparently welcoming the new 2FA login addition. Some are even asking for support for more secure authentication methods like passkeys.
As things stand now, Spotify is likely experimenting with 2FA in a somewhat unreliable and covert way. Spotify for Artists doesn’t force creators to activate two-step verification, although the company strongly recommends it. Artists can use an authenticator app such as Google Authenticator or an SMS text message to securely access their account.
